Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)

ManualsBrandsHP ManualsStorageCisco Nexus 5010 with FCoE Storage Services License Converged Network Switch

361

362

363

364

365

366

367

368

369

370

PurposeCommand or Action

Specifies a user role and enters role configuration

mode.

switch(config)# role name role-name

Step 2

Enters role interface policy configuration mode.switch(config-role)# interface policy

deny

Step 3

Specifies a list of interfaces that the role can access.switch(config-role-interface)# permit

interface interface-list

Step 4

Repeat this command for as many interfaces as

needed.

For this command, you can specify Ethernet

interfaces, Fibre Channel interfaces, and virtual Fibre

Channel interfaces.

Exits role interface policy configuration mode.switch(config-role-interface)# exit

Step 5

(Optional)

Displays the role configuration.

switch(config-role)# show role

Step 6

(Optional)

Copies the running configuration to the startup

configuration.

switch(config-role)# copy

running-config startup-config

Step 7

The following example shows how to change a user role interface policy to limit the interfaces that the user

can access:

switch# configure terminal

switch(config)# role name UserB

switch(config-role)# interface policy deny

switch(config-role-interface)# permit interface ethernet 2/1

switch(config-role-interface)# permit interface fc 3/1

switch(config-role-interface)# permit interface vfc 30/1

You can specify a list of interfaces that the role can access. You can specify it for as many interfaces as needed.

Changing User Role VLAN Policies

You can change a user role VLAN policy to limit the VLANs that the user can access.

Procedure

PurposeCommand or Action

Enters configuration mode.switch# configure terminal

Step 1

Specifies a user role and enters role configuration

mode.

switch(config)# role name role-name

Step 2

Enters role VLAN policy configuration mode.switch(config-role)# vlan policy deny

Step 3

Specifies a range of VLANs that the role can

access.

switch(config-role-vlan)# permit vlan

vlan-list

Step 4

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide

OL-16597-01 321

Configuring User Accounts and RBAC

Changing User Role VLAN Policies